xwine: several vulnerabilities
| Package(s): | xwine |
CVE #(s): | CVE-2008-0930
CVE-2008-0931
|
| Created: | March 21, 2008 |
Updated: | March 26, 2008 |
| Description: |
The xwine command makes unsafe use of local temporary files when printing. This could allow the removal of arbitrary files belonging to users who invoke the program. The xwine command changes the permissions of the global WINE configuration file such that it is world-writable. This could allow local users to edit it such that arbitrary commands could be executed whenever any local user executed a program under WINE. |
| Alerts: |
|
